ansible-roles-openbsd
is a collection of well curated Ansible roles for the OpenBSD operating system. All Ansible roles are licensed under the Simplified BSD License.
- Configurations follow the secure-by-default principle
- Roles are mostly self-contained and dependencies avoided
- Roles and services support multiple states (install, remove, enable, disable, inactive)
- Scripts and cronjobs support multiple states (enable, disable)
- Services can be monitored with Monit and exported via monit_exporter to Prometheus
- Scripts support Email and Prometheus monitoring
- Logs can be forwarded with syslog to Loki
- Roles can proxy HTTP/HTTPS traffic through Squid forward proxy
- Host-based firewall restricts ingress and egress traffic by default
- PF can be used as network-based/perimeter firewall
- Restic and rest-server are available as backup solution
- OpenNTPD is configurable as NTP client and server
- Unbound is available as resolving DNS server
- NSD is available as authoritative DNS server
- Prometheus has built-in alerting rules and Grafana dashboards
- Loki has built-in alerting rules and Grafana dashboards
- Parameters are documented with examples
- Changes adhere to semantic versioning guidelines
- Roles contain changelog
The following operating systems are supported:
- OpenBSD 7.5
- OpenBSD 7.6
The Ansible control machine depends on:
- Ansible >= 2.15.0
The Ansible managed node depends on:
- Python >= 3.10.0
Distributed under the Simplified BSD License.
See LICENSE
file for more information.
See CREDITS
file for more information.
Suricata |
---|
System Status | Script Status |
---|---|
Node Exporter | IPMI Exporter |
---|---|
Network Traffic | Ping Prober |
---|---|